feat(profile): cleanup some dbus path/interfaces

apparmor.d/groups/apt/unattended-upgrade

@@ -39,8 +39,8 @@ profile unattended-upgrade @{exec_path} flags=(attach_disconnected) {
        interface=org.freedesktop.DBus.Introspectable
        member=Introspect,
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member=Inhibit,
 
   dbus (send,receive) bus=system path=/org/freedesktop/NetworkManager

apparmor.d/groups/apt/unattended-upgrade-shutdown

@@ -14,20 +14,20 @@ profile unattended-upgrade-shutdown @{exec_path} flags=(attach_disconnected) {
   include <abstractions/nameservice-strict>
   include <abstractions/python>
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member=Inhibit,
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]
+  dbus send bus=system path=/org/freedesktop/login1
        interface=org.freedesktop.DBus.{Introspectable,Properties}
        member={Introspect,Get},
 
   dbus send bus=system path=/org/freedesktop/NetworkManager
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 
-  dbus receive bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus receive bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member=PrepareForShutdown,
 
   @{exec_path} mr,

apparmor.d/groups/bus/ibus-extension-gtk3

@@ -9,6 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/{,ibus/}ibus-extension-gtk3
 profile ibus-extension-gtk3 @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
+  include <abstractions/bus/atspi>
   include <abstractions/dbus-accessibility-strict>
   include <abstractions/dbus-session-strict>
   include <abstractions/dconf-write>
@@ -27,46 +28,11 @@ profile ibus-extension-gtk3 @{exec_path} flags=(attach_disconnected) {
   network inet6 stream,
   network netlink raw,
 
-  dbus send bus=session path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={RequestName,ReleaseName}
-       peer=(name=org.freedesktop.DBus, label=dbus-daemon),
-
   dbus send bus=session path=/org/gtk/Settings
        interface=org.freedesktop.DBus.Properties
        member=GetAll
        peer=(name=:*, label=gsd-xsettings),
 
-  dbus send bus=session path=/org/a11y/bus
-       interface=org.a11y.Bus
-       member=GetAddress
-       peer=(name=org.a11y.Bus, label=at-spi-bus-launcher),
-
-  dbus send bus=accessibility path=/org/a11y/atspi/registry
-       interface=org.a11y.atspi.Registry
-       member=GetRegisteredEvents
-       peer=(name=org.a11y.atspi.Registry), # all peer's labels
-
-  dbus send    bus=accessibility path=/org/a11y/atspi/registry/deviceeventcontroller
-       interface=org.a11y.atspi.DeviceEventController
-       member={GetKeystrokeListeners,GetDeviceEventListeners}
-       peer=(name=org.a11y.atspi.Registry), # all peer's labels
-
-  dbus send bus=accessibility path=/org/a11y/atspi/accessible/root
-       interface=org.a11y.atspi.Socket
-       member=Embed
-       peer=(name=org.a11y.atspi.Registry), # all peer's labels
-
-  dbus receive bus=accessibility path=/org/a11y/atspi/accessible/root
-       interface=org.freedesktop.DBus.Properties
-       member=Set 
-       peer=(name=:*, label=at-spi2-registryd),
-
-  dbus receive bus=accessibility path=/org/a11y/atspi/registry
-       interface=org.a11y.atspi.Registry
-       member=EventListenerDeregistered 
-       peer=(name=:*, label=at-spi2-registryd),
-
   dbus receive bus=session
        interface=org.freedesktop.DBus.Introspectable
        member=Introspect

apparmor.d/groups/bus/ibus-x11

@@ -9,8 +9,9 @@ include <tunables/global>
 @{exec_path} = @{lib}/{,ibus/}ibus-x11
 profile ibus-x11 @{exec_path} flags=(attach_disconnected) {
   include <abstractions/base>
-  include <abstractions/dbus-session-strict>
+  include <abstractions/bus/atspi>
   include <abstractions/dbus-accessibility-strict>
+  include <abstractions/dbus-session-strict>
   include <abstractions/dri-common>
   include <abstractions/dri-enumerate>
   include <abstractions/fonts>

apparmor.d/groups/freedesktop/accounts-daemon

@@ -25,11 +25,11 @@ profile accounts-daemon @{exec_path} flags=(attach_disconnected) {
   dbus (send,receive) bus=system path=/org/freedesktop/Accounts{,/User[0-9]*}
        interface=org.freedesktop.{DBus.{Properties,Introspectable},Accounts{,.User}},
 
-  dbus (send,receive) bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
-       interface=org.freedesktop.PolicyKit[0-9].Authority
+  dbus (send,receive) bus=system path=/org/freedesktop/PolicyKit1/Authority
+       interface=org.freedesktop.PolicyKit1.Authority
        member={CheckAuthorization,Changed},
 
-  dbus send bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
+  dbus send bus=system path=/org/freedesktop/PolicyKit1/Authority
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 

apparmor.d/groups/freedesktop/pipewire-media-session

@@ -22,12 +22,12 @@ profile pipewire-media-session @{exec_path} {
   network bluetooth stream,
   network netlink raw,
 
-  dbus send bus=system path=/org/freedesktop/RealtimeKit[0-9]
+  dbus send bus=system path=/org/freedesktop/RealtimeKit1
        interface=org.freedesktop.DBus.Properties
        member=Get
        peer=(name=org.freedesktop.RealtimeKit1),
 
-  dbus send bus=system path=/org/freedesktop/RealtimeKit[0-9]
+  dbus send bus=system path=/org/freedesktop/RealtimeKit1
        interface=org.freedesktop.RealtimeKit1
        member=MakeThreadRealtime
        peer=(name=org.freedesktop.RealtimeKit1),

apparmor.d/groups/freedesktop/polkit-agent-helper

@@ -30,13 +30,13 @@ profile polkit-agent-helper @{exec_path} {
   signal (receive) set=(term, kill) peer=pkttyagent,
   signal (receive) set=(term, kill) peer=polkit-*-authentication-agent,
 
-  dbus (send) bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
+  dbus (send) bus=system path=/org/freedesktop/PolicyKit1/Authority
        interface=org.freedesktop.DBus.Properties
        member=GetAll
        peer=(name=:*),
 
-  dbus (send) bus=system path=/org/freedesktop/PolicyKit[0-9]/Authority
-       interface=org.freedesktop.PolicyKit[0-9].Authority
+  dbus (send) bus=system path=/org/freedesktop/PolicyKit1/Authority
+       interface=org.freedesktop.PolicyKit1.Authority
        member=AuthenticationAgentResponse2
        peer=(name=:*),
 

apparmor.d/groups/freedesktop/xdg-desktop-portal-gtk

@@ -9,6 +9,7 @@ include <tunables/global>
 @{exec_path} = @{lib}/xdg-desktop-portal-gtk
 profile xdg-desktop-portal-gtk @{exec_path} {
   include <abstractions/base>
+  include <abstractions/bus/atspi>
   include <abstractions/dbus-accessibility-strict>
   include <abstractions/dbus-session-strict>
   include <abstractions/dbus-strict>
@@ -28,11 +29,6 @@ profile xdg-desktop-portal-gtk @{exec_path} {
 
   unix (send, receive, connect) type=stream peer=(addr="@/tmp/.X11-unix/*", label=gnome-shell),
 
-  dbus send bus=session path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={RequestName,ReleaseName}
-       peer=(name=org.freedesktop.DBus, label=dbus-daemon),
-
   dbus send bus=system path=/org/freedesktop/Accounts/User[0-9]*
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
@@ -88,31 +84,6 @@ profile xdg-desktop-portal-gtk @{exec_path} {
        member={RunningApplicationsChanged,WindowsChanged}
        peer=(name=:*, label=gnome-shell),
 
-  dbus send    bus=accessibility path=/org/a11y/atspi/registry/deviceeventcontroller
-       interface=org.a11y.atspi.DeviceEventController
-       member={GetKeystrokeListeners,GetDeviceEventListeners}
-       peer=(name=org.a11y.atspi.Registry), # all peer's labels
-
-  dbus send    bus=accessibility path=/org/a11y/atspi/registry
-       interface=org.a11y.atspi.Registry
-       member=GetRegisteredEvents
-       peer=(name=org.a11y.atspi.Registry), # all peer's labels
-
-  dbus receive bus=accessibility path=/org/a11y/atspi/registry
-       interface=org.a11y.atspi.Registry
-       member=EventListenerDeregistered
-       peer=(name=:*, label=at-spi2-registryd),
-
-  dbus send bus=accessibility path=/org/a11y/atspi/accessible/root
-       interface=org.a11y.atspi.Socket
-       member=Embed
-       peer=(name=org.a11y.atspi.Registry), # all peer's labels
-
-  dbus send bus=session path=/org/a11y/bus
-       interface=org.a11y.Bus
-       member=GetAddress
-       peer=(name=org.a11y.Bus, label=at-spi-bus-launcher),
-
   dbus send bus=session path=/org/gtk/vfs/mounttracker
        interface=org.gtk.vfs.MountTracker
        member=ListMountableInfo

apparmor.d/groups/gnome/gdm-session-worker

@@ -55,8 +55,8 @@ profile gdm-session-worker @{exec_path} flags=(attach_disconnected) {
        member=UserAdded
        peer=(name=:*, label=accounts-daemon),
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member={CreateSession,ReleaseSession},
 
   @{exec_path} mrix,

apparmor.d/groups/gnome/gnome-keyring-daemon

@@ -19,25 +19,20 @@ profile gnome-keyring-daemon @{exec_path} flags=(attach_disconnected) {
   signal (receive) set=(term) peer=gdm,
   signal (send) set=(term) peer=ssh-agent,
 
-  dbus send bus=session path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={RequestName,ReleaseName}
-       peer=(name=org.freedesktop.DBus, label=dbus-daemon),
-
-  dbus send    bus=system path=/org/freedesktop/login[0-9]/session/*
+  dbus send bus=system path=/org/freedesktop/login1/session/*
        interface=org.freedesktop.DBus.Properties
        member=Get
-       peer=(name=org.freedesktop.login[0-9]),
+       peer=(name=org.freedesktop.login1),
 
-  dbus receive bus=system path=/org/freedesktop/login[0-9]/session/*
+  dbus receive bus=system path=/org/freedesktop/login1/session/*
        interface=org.freedesktop.DBus.Properties
        member=PropertiesChanged
        peer=(name=:*, label=systemd-logind),
 
-  dbus send    bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send    bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member=GetSession
-       peer=(name=org.freedesktop.login[0-9]),
+       peer=(name=org.freedesktop.login1),
 
   dbus send bus=session path=/org/gnome/SessionManager
        interface=org.gnome.SessionManager

apparmor.d/groups/gnome/gnome-session-binary

@@ -39,20 +39,20 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
        member={RequestName,ReleaseName,UpdateActivationEnvironment,GetConnectionUnixUser,GetConnectionUnixProcessID}
        peer=(name=org.freedesktop.DBus label=dbus-daemon),
 
-  dbus send    bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send    bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member={CanPowerOff,GetSession,PowerOff,Inhibit,Reboot}
        peer=(name=:*, label=systemd-logind),
 
-  dbus receive bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus receive bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member={SessionNew,PrepareForShutdown,SessionRemoved,UserNew,UserRemoved,PrepareForSleep}
        peer=(name=:*, label=systemd-logind),
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]/session/*
-       interface=org.freedesktop.login[0-9].Session
+  dbus send bus=system path=/org/freedesktop/login1/session/*
+       interface=org.freedesktop.login1.Session
        member=SetIdleHint
-       peer=(name=org.freedesktop.login[0-9], label=systemd-logind),
+       peer=(name=org.freedesktop.login1, label=systemd-logind),
 
   dbus (send,receive) bus=session path=/org/gnome/SessionManager{,/**}
        interface={org.freedesktop.DBus.Introspectable,org.gnome.SessionManager**},
@@ -62,7 +62,7 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
        member=GetAll
        peer=(name=:*, label=at-spi2-registryd),
 
-  dbus send bus=session path=/org/gnome/SessionManager/Client[0-9]*
+  dbus send bus=session path=/org/gnome/SessionManager/Client@{int}
        interface=org.gnome.SessionManager.ClientPrivate
        member=CancelEndSession
        peer=(name=org.freedesktop.DBus, label=gsd-*),
@@ -82,7 +82,7 @@ profile gnome-session-binary @{exec_path} flags=(attach_disconnected) {
        member=GetAll
        peer=(name=:*, label=gnome-shell),
 
-  dbus (send, receive) bus=system path=/org/freedesktop/login[0-9]*
+  dbus (send, receive) bus=system path=/org/freedesktop/login1*
        interface=org.freedesktop.DBus.Properties
        member={GetAll,PropertiesChanged}
        peer=(name=:*, label=systemd-logind),

apparmor.d/groups/gnome/gnome-session-ctl

@@ -15,10 +15,10 @@ profile gnome-session-ctl @{exec_path} {
 
   unix (send, receive, connect) type=stream peer=(addr=@/tmp/dbus-????????, label=dbus-daemon),
 
-  dbus send bus=session path=/org/freedesktop/systemd[0-9]*
-       interface=org.freedesktop.systemd[0-9]*.Manager
+  dbus send bus=session path=/org/freedesktop/systemd1
+       interface=org.freedesktop.systemd1.Manager
        member={StartUnit,StopUnit}
-       peer=(name=org.freedesktop.systemd[0-9]*),
+       peer=(name=org.freedesktop.systemd1),
 
   dbus send bus=session path=/org/gnome/SessionManager
        interface=org.gnome.SessionManager

apparmor.d/groups/gnome/gsd-media-keys

@@ -31,24 +31,24 @@ profile gsd-media-keys @{exec_path} flags=(attach_disconnected) {
        member={RequestName,ReleaseName}
        peer=(name=org.freedesktop.DBus, label=dbus-daemon),
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]
+  dbus send bus=system path=/org/freedesktop/login1
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 
-  dbus send    bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send    bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member=Inhibit,
 
-  dbus send    bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send    bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member=PowerOff,
 
-  dbus receive bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus receive bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member={SessionNew,SessionRemoved,PrepareForShutdown,UserNew,UserRemoved,PrepareForSleep}
        peer=(name=:*, label=systemd-logind),
 
-  dbus receive bus=system path=/org/freedesktop/login[0-9]
+  dbus receive bus=system path=/org/freedesktop/login1
        interface=org.freedesktop.DBus.Properties
        member=PropertiesChanged,
 

apparmor.d/groups/gnome/gsd-power

@@ -25,40 +25,35 @@ profile gsd-power @{exec_path} flags=(attach_disconnected) {
 
   signal (receive) set=(term, hup) peer=gdm*,
 
-  dbus send bus=session path=/org/freedesktop/DBus
-       interface=org.freedesktop.DBus
-       member={RequestName,ReleaseName}
-       peer=(name=org.freedesktop.DBus, label=dbus-daemon),
-
   dbus (send,receive) bus=system path=/org/freedesktop/UPower{,/**}
        interface=org.freedesktop.{DBus.Properties,UPower*},
 
   dbus send bus=system path=/org/freedesktop/systemd[0-9]
        interface=org.freedesktop.DBus.Properties
        member=Get,
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]
+  dbus send bus=system path=/org/freedesktop/login1
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]/session/auto
+  dbus send bus=system path=/org/freedesktop/login1/session/auto
        interface=org.freedesktop.DBus.Properties
        member=GetAll,
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]/session/auto
-       interface=org.freedesktop.login[0-9].Session
+  dbus send bus=system path=/org/freedesktop/login1/session/auto
+       interface=org.freedesktop.login1.Session
        member=SetBrightness,
 
-  dbus send bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus send bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member=Inhibit,
 
-  dbus receive bus=system path=/org/freedesktop/login[0-9]
-       interface=org.freedesktop.login[0-9].Manager
+  dbus receive bus=system path=/org/freedesktop/login1
+       interface=org.freedesktop.login1.Manager
        member={SessionNew,SessionRemoved,PrepareForShutdown,UserNew,UserRemoved,PrepareForSleep}
        peer=(name=:*, label=systemd-logind),
 
-  dbus receive bus=system path=/org/freedesktop/login[0-9]
+  dbus receive bus=system path=/org/freedesktop/login1
        interface=org.freedesktop.DBus.Properties
        member=PropertiesChanged,
 

apparmor.d/groups/systemd/systemd-localed

@@ -22,7 +22,7 @@ profile systemd-localed @{exec_path} flags=(attach_disconnected) {
        member={ReleaseName,RequestName}
        peer=(name=org.freedesktop.DBus),
 
-  dbus receive bus=system path=/org/freedesktop/locale[0-9]
+  dbus receive bus=system path=/org/freedesktop/locale1
        interface=org.freedesktop.DBus.Properties
        member=GetAll,